<?php
namespace Zotlabs\Module;
require_once('include/channel.php');
require_once('include/conversation.php');
require_once('include/acl_selectors.php');
class Webpages extends \Zotlabs\Web\Controller {
function init() {
if(argc() > 1 && argv(1) === 'sys' && is_site_admin()) {
$sys = get_sys_channel();
if($sys && intval($sys['channel_id'])) {
\App::$is_sys = true;
}
}
if(argc() > 1)
$which = argv(1);
else
return;
profile_load($which);
}
function get() {
if(! \App::$profile) {
notice( t('Requested profile is not available.') . EOL );
\App::$error = 404;
return;
}
$which = argv(1);
$_SESSION['return_url'] = \App::$query_string;
$uid = local_channel();
$owner = 0;
$channel = null;
$observer = \App::get_observer();
$channel = \App::get_channel();
if(\App::$is_sys && is_site_admin()) {
$sys = get_sys_channel();
if($sys && intval($sys['channel_id'])) {
$uid = $owner = intval($sys['channel_id']);
$channel = $sys;
$observer = $sys;
}
}
if(! $owner) {
// Figure out who the page owner is.
$r = q("select channel_id from channel where channel_address = '%s'",
dbesc($which)
);
if($r) {
$owner = intval($r[0]['channel_id']);
}
}
$ob_hash = (($observer) ? $observer['xchan_hash'] : '');
$perms = get_all_perms($owner,$ob_hash);
if(! $perms['write_pages']) {
notice( t('Permission denied.') . EOL);
return;
}
$mimetype = (($_REQUEST['mimetype']) ? $_REQUEST['mimetype'] : get_pconfig($owner,'system','page_mimetype'));
$layout = (($_REQUEST['layout']) ? $_REQUEST['layout'] : get_pconfig($owner,'system','page_layout'));
// Create a status editor (for now - we'll need a WYSIWYG eventually) to create pages
// Nickname is set to the observers xchan, and profile_uid to the owner's.
// This lets you post pages at other people's channels.
if((! $channel) && ($uid) && ($uid == \App::$profile_uid)) {
$channel = \App::get_channel();
}
if($channel) {
$channel_acl = array(
'allow_cid' => $channel['channel_allow_cid'],
'allow_gid' => $channel['channel_allow_gid'],
'deny_cid' => $channel['channel_deny_cid'],
'deny_gid' => $channel['channel_deny_gid']
);
}
else
$channel_acl = array();
$is_owner = ($uid && $uid == $owner);
$o = profile_tabs($a, $is_owner, \App::$profile['channel_address']);
$x = array(
'webpage' => ITEM_TYPE_WEBPAGE,
'is_owner' => true,
'nickname' => \App::$profile['channel_address'],
'lockstate' => (($channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid']) ? 'lock' : 'unlock'),
'acl' => (($is_owner) ? populate_acl($channel_acl,false, \Zotlabs\Lib\PermissionDescription::fromGlobalPermission('view_pages')) : ''),
'showacl' => (($is_owner) ? true : false),
'visitor' => true,
'hide_location' => true,
'hide_voting' => true,
'profile_uid' => intval($owner),
'mimetype' => $mimetype,
'mimeselect' => true,
'layout' => $layout,
'layoutselect' => true,
'expanded' => true,
'novoting'=> true,
'bbco_autocomplete' => 'bbcode',
'bbcode' => true
);
if($_REQUEST['title'])
$x['title'] = $_REQUEST['title'];
if($_REQUEST['body'])
$x['body'] = $_REQUEST['body'];
if($_REQUEST['pagetitle'])
$x['pagetitle'] = $_REQUEST['pagetitle'];
$editor = status_editor($a,$x);
// Get a list of webpages. We can't display all them because endless scroll makes that unusable,
// so just list titles and an edit link.
/** @TODO - this should be replaced with pagelist_widget */
$sql_extra = item_permissions_sql($owner);
$r = q("select * from iconfig left join item on iconfig.iid = item.id
where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'WEBPAGE' and item_type = %d
$sql_extra order by item.created desc",
intval($owner),
intval(ITEM_TYPE_WEBPAGE)
);
// $r = q("select * from item_id left join item on item_id.iid = item.id
// where item_id.uid = %d and service = 'WEBPAGE' and item_type = %d $sql_extra order by item.created desc",
// intval($owner),
// intval(ITEM_TYPE_WEBPAGE)
// );
$pages = null;
if($r) {
$pages = array();
foreach($r as $rr) {
unobscure($rr);
$lockstate = (($rr['allow_cid'] || $rr['allow_gid'] || $rr['deny_cid'] || $rr['deny_gid']) ? 'lock' : 'unlock');
$element_arr = array(
'type' => 'webpage',
'title' => $rr['title'],
'body' => $rr['body'],
'created' => $rr['created'],
'edited' => $rr['edited'],
'mimetype' => $rr['mimetype'],
'pagetitle' => $rr['v'],
'mid' => $rr['mid'],
'layout_mid' => $rr['layout_mid']
);
$pages[$rr['iid']][] = array(
'url' => $rr['iid'],
'pagetitle' => $rr['v'],
'title' => $rr['title'],
'created' => datetime_convert('UTC',date_default_timezone_get(),$rr['created']),
'edited' => datetime_convert('UTC',date_default_timezone_get(),$rr['edited']),
'bb_element' => '[element]' . base64url_encode(json_encode($element_arr)) . '[/element]',
'lockstate' => $lockstate
);
}
}
//Build the base URL for edit links
$url = z_root() . '/editwebpage/' . $which;
$o .= replace_macros(get_markup_template('webpagelist.tpl'), array(
'$listtitle' => t('Webpages'),
'$baseurl' => $url,
'$create' => t('Create'),
'$edit' => t('Edit'),
'$share' => t('Share'),
'$delete' => t('Delete'),
'$pages' => $pages,
'$channel' => $which,
'$editor' => $editor,
'$view' => t('View'),
'$preview' => t('Preview'),
'$actions_txt' => t('Actions'),
'$pagelink_txt' => t('Page Link'),
'$title_txt' => t('Page Title'),
'$created_txt' => t('Created'),
'$edited_txt' => t('Edited')
));
return $o;
}
function post() {
if(($_FILES) && array_key_exists('zip_file',$_FILES) && isset($_POST['w_upload'])) {
$source = $_FILES["zip_file"]["tmp_name"];
$type = $_FILES["zip_file"]["type"];
$okay = false;
$accepted_types = array('application/zip', 'application/x-zip-compressed', 'multipart/x-zip', 'application/x-compressed');
foreach ($accepted_types as $mime_type) {
if ($mime_type == $type) {
$okay = true;
break;
}
}
if(!$okay) {
json_return_and_die(array('message' => 'Invalid file MIME type'));
}
$zip = new \ZipArchive();
if ($zip->open($source) === true) {
$tmp_folder_name = random_string(5);
$website = dirname($source) . '/' . $tmp_folder_name;
$zip->extractTo($website); // change this to the correct site path
$zip->close();
@unlink($source); // delete the compressed file now that the content has been extracted
require_once('include/import.php');
$elements = [];
$elements['pages'] = scan_webpage_elements($website, 'page');
$elements['layouts'] = scan_webpage_elements($website, 'layout');
$elements['blocks'] = scan_webpage_elements($website, 'block');
$channel = \App::get_channel();
// Import layout first so that pages that reference new layouts will find
// the mid of layout items in the database
foreach($elements['layouts'] as &$layout) {
$layout = import_webpage_element($layout, $channel, 'layout');
}
foreach($elements['pages'] as &$page) {
$page = import_webpage_element($page, $channel, 'page');
}
foreach($elements['blocks'] as &$block) {
$block = import_webpage_element($block, $channel, 'block');
}
// Without the if statement below, the folder is deleted before the import completes.
if($elements) {
rrmdir($website); // Delete the temporary decompressed files
}
}
return null;
}
if (($_POST) && array_key_exists('path',$_POST) && isset($_POST['cloudsubmit'])) {
$ret = [];
// Warning: Do not edit the following line. The first symbol is UTF-8 @
$path = str_replace('@','@',notags(trim($_REQUEST['path'])));
$h = @parse_url($path);
if(! $h || !x($h, 'path')) {
return null;
}
if(substr($h['path'],-1,1) === '/') {
$h['path'] = substr($h['path'],0,-1);
}
if(substr($h['path'],0,1) === '/') {
$h['path'] = substr($h['path'],1);
}
$folders = explode('/', $h['path']);
$f = array_shift($folders);
$channel = \App::get_channel();
$nick = \App::$profile['channel_address'];
//check to see if the absolute path was provided (/cloud/channelname/path/to/folder)
if(($f === 'cloud') ) {
$g = array_shift($folders);
if( $g !== $nick) {
// if nick does not follow "cloud", then the top level folder must be called "cloud"
// and the given path must be relative to "/cloud/channelname/".
$folders = array_unshift($f,array_unshift($g, $folders));
}
}
$clouddir = 'store/' . $nick . '/';
$folder_path = $clouddir . implode('/', $folders);
// if(!(is_dir($folder_path) && is_readable($folder_path))) {
// logger('path is not readable: ' . $folder_path);
// return null;
// }
$subdir = '/';
$valid = true;
while($folders && $valid && is_dir($clouddir . $subdir) && is_readable($clouddir . $subdir)) {
logger('hashed path: ' . $clouddir . $subdir);
$valid = false;
$f = array_shift($folders);
$items = array_diff(scandir($clouddir . $subdir), array('.', '..')); // hashed names
foreach($items as $item) {
$filename = find_filename_by_hash($channel['channel_id'], $item);
if($filename === $f) {
$subdir .= $item . '/';
$valid = true;
}
}
}
if(!$valid) {
logger('path is not valid: ' . $folder_path);
}
return null;
}
}
}